3 Gcti Jobs

Senior SOC Eng to lead incident response, threat detection & automation initiatives for Rocket EMS's globl security operatn. SIEM/SOAR optimization, advanced threat hunting & direct response to cyberattacks across endpoints, cloud & identity systems.

Role & responsibilities Position Summary: We are seeking an experienced and proactive Threat Intelligence & IR Lead to oversee our SOC threat intelligence and ensure the security of our organizations assets. The ideal candidate will have a minimum of 7 years of experience in cybersecurity, with a strong focus on threat intelligence, threat hunting, analysis & incident response. You will be responsible for identifying, analyzing, and mitigating threats to protect the organization's infrastructure, data, and operations. Key Responsibilities: Threat Intelligence & Incident Response : Develop, implement, and manage the organizations threat intelligence strategy and program. Lead a team of threat SOC analysts and ensure timely identification of emerging threats. Threat Identification and Analysis: Monitor and analyze cyber threat data, including data banks , data lakes , API access controls , threat feeds, and intelligence platforms. Identify trends, techniques, tactics, and procedures (TTPs) of threat actors and provide actionable insights. Collaboration and Reporting: Collaborate with internal teams (e.g., SOC, incident response, and risk management) to share threat intelligence insights. Prepare detailed threat reports and brief senior management on the organizations threat landscape. Threat Hunting and Mitigation: Conduct proactive threat-hunting activities to identify vulnerabilities and weaknesses in the organization’s systems. Recommend and implement mitigation strategies to address identified threats. Tool and Technology Management: Evaluate, implement, and maintain tools and technologies to support the threat intelligence program. Automate threat detection processes and maintain integrations with security operations platforms. Industry Engagement: Participate in threat intelligence sharing forums and build relationships with external organizations to stay updated on evolving threats. Qualifications and Experience: Minimum of 7 years of experience in cybersecurity, with at least 3 years in a threat intelligence or similar role. Strong knowledge of cyber threat landscapes, attack vectors, and defensive strategies. Hands-on experience with threat intelligence platforms (TIPs), SIEMs, and other security tools. Familiarity with frameworks such as MITRE ATT&CK, NIST, and Cyber Kill Chain. Experience in analyzing threat data, including malware, indicators of compromise (IoCs), and vulnerabilities. Excellent analytical, communication, and problem-solving skills. Relevant certifications (e.g., CISSP, CEH, GIAC, GCTI) are preferred. Educational Requirements: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. Master’s degree preferred. Key Competencies: Strong leadership and team management skills. Ability to work under pressure in fast-paced, high-stakes environments. Detail-oriented with a focus on continuous learning and staying ahead of emerging threats. This role offers the opportunity to lead a critical function within our cybersecurity operations and make a tangible impact on the organization's security posture. If you are passionate about staying ahead of cyber threats and have a proven track record in threat intelligence, we encourage you to apply.

Role Overview: We are seeking a highly motivated and analytical individual to join our global Cyber Threat Intelligence team as a Cyber Threat Intelligence Sr. Analyst. As a part of our Advisory & Assessment team, you will contribute to the identification and mitigation of emerging threats, enabling our clients to proactively defend against cyberattacks. Responsibilities: Evaluation of Created Searches: - Assess the effectiveness of the created searches in detecting relevant Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs). - Analyze the frequency of false positives and false negatives to refine search criteria and minimize errors. Reviewing Reports: - Examine the clarity, completeness of the manual and automated reports. - Validate the accuracy of the information presented in the reports, including TTPs, and any associated threat intelligence. Quality Assurance of Incident Analysis: - Evaluate the thoroughness and depth of incident analysis conducted by Analysts/Associates in response to detected TRI events. Including mentioned mitigations or containment actions in the incidents by analysts. - Verify adherence to established incident response procedures and protocols. - Research and Analysis: Conduct in-depth research and analysis of emerging cyber threats, including the evolving threat landscape, industry-specific risks, and geographical threats, to identify potential risks and vulnerabilities. - Threat Reporting: Create intelligence products including comprehensive reports for our customers, providing insights on the current threat landscape, outlining their attack surface, and highlighting open risks that need immediate attention. - Threat Advisories: Review the threat intel advisories developed for our customers by the analysts and associates. - Customer Engagement: Engage with customers on weekly/ Monthly calls, presenting threat intelligence findings, discussing attack surfaces, and addressing any inquiries or concerns they may have. - Ad hoc Intelligence Requests: Assist customers by fulfilling their ad hoc intelligence requests, which may include conducting deep-dive investigations, providing analysis on specific threats, or offering insights into industry-specific risks, investigate the phishing emails and malicious files, Takedown of the brand impersonating profiles. - Incident Qualification: Proactive monitoring of TRI tools and response to any identified incidents. You will be responsible for qualifying incidents to assess their fidelity. Team support: Provide training to analysts and associates about TRI operations & process. Requirements: - Educational Background: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. - Knowledge and Interest: Passion for cybersecurity and a good understanding of the threat landscape, emerging trends, threat actors, and attack vectors. Awareness of different industry and regional threats is advantageous - Analytical Skills: Excellent analytical and critical thinking abilities to interpret complex data, identify patterns, and extract meaningful insights. - Communication Skills: Effective written and verbal communication skills to present technical information clearly and concisely, both internally and externally. - Detail-oriented: Strong attention to detail, ensuring accuracy and precision in research, analysis, and reporting. - Collaboration: Ability to work effectively in a team environment, collaborating with colleagues and customers to achieve common objectives. - Continuous Learning: Eagerness to stay updated on the latest cybersecurity trends, threat intelligence methodologies, and tools. - Certifications: CTIA, CPTIA, GCTI, Cyber Threat Intelligence Training (arcX), CompTIA CySA+ certifications would be advantageous. - Should have strong knowledge of MITRE framework. - Minimum 3 years of experience in cyber security(SOC or Threat Intelligence)